Currently, in information recording/reproducing devices typified by the magnetic disk device (Hard Disk Drive: HDD), Full Disk Encryption (FDE), for example, has been proposed and is used as a method of protecting user data stored on a recording medium. With FDE, user data is recorded on the recording medium after being encrypted using an encryption key provided by the accessing person at the time of data recording, or using seed data from which the encryption key itself is generated. To read the data, the accessing person supplies the HDD with the encryption key or seed data, which is known only to an authorized accessing person; the data is decrypted and the result is output as user data. If the accessing person cannot provide the encryption key or seed data that was used when the user data was recorded, the decryption operation produces an incorrect result, and data entirely different from what was recorded is output. This has the effect of substantially disabling unauthorized access. However, such user data protection is vulnerable in terms of security: given enough time, an unauthorized accessing person can read the user data by a so-called brute force attack, generating encryption keys sequentially and making an access attempt with each.
There is also a method in which the encryption key used for recording user data is generated to be different for each HDD and is stored in a safe area of a circuit in the HDD (generally a nonvolatile memory not accessible from outside) or at a predetermined position on the magnetic recording medium after encryption using another private key. Only when the access is acknowledged as being made by an authorized accessing person, through password authentication or the like, is the encryption key extracted and the data read from the recording medium decrypted for use as reproduced user data. That is, with this method, the user data cannot be extracted unless the encryption key is legitimately made available through a user authentication process such as a password. Likewise, when only the circuit portion of a magnetic disk device is exchanged for another of the same type in which the user authentication process has been cancelled, the encryption key used for encryption and decryption of user data is different for each HDD, so access to the user data is still prevented. However, because this method releases the encryption key through user authentication by a password or the like, there is a problem in terms of security level: even if the encryption key for user data encryption is sufficiently long that a brute force attack on the key itself is practically impossible, the user data can be read out if the correct encryption key becomes available by breaking the password authentication with a large expenditure of time.
That is, in an information recording device with such user data protection, the user data itself remains on the recording medium practically semipermanently, in other words until the end of the physical and chemical life of the area of the recording medium storing it, and no measure is taken to restrict the period during which access attempts can be made. There is thus a problem that an unauthorized accessing person can read the user data as long as he or she takes a long enough time making access attempts.
In order to solve such problems, Japanese Patent Publication No. JP 2004-362278 (“Patent Document 1”) describes a technology of performing an access determination operation in a nonvolatile storage device provided with a control circuit and a nonvolatile storage circuit. The nonvolatile storage circuit includes a storage area for limitation information that applies an access limitation to use information, and the limitation information includes access period information and access time information. The control circuit determines whether or not access to the use information is allowed based on time information provided from outside and on the limitation information, and the access time information is updated based on the time information.
Japanese Patent Publication No. 2004-14079 (“Patent Document 2”) describes a technology using a semiconductor recording medium provided with a battery, a clock, a data control section, an address control section, a data storage area, and a bonding pad. The clock, the data control section, and the address control section operate on power supplied from the battery, and an effective time is set for the data to be recorded in the data control section. The elapsed time counted by the clock since the data was recorded is then continually compared with the effective time, and once the effective time has passed, a command from the data control section disables reproduction of the recorded data.
Japanese Patent Publication No. 2004-296031 (“Patent Document 3”) describes a technology using a recording medium provided with an IC section in part of a non-recording area located inside the recording area from which data can be read optically. This IC section is provided with an IC interface that is formed so as to be exposed and able to establish an electrical connection, and with a time-varying section that changes over time without a power supply. A recording media reading/writing device determines whether the medium is within the period in which it is available for use by measuring the state of the time-varying section.
However, the technology of Patent Document 1 requires time counting means that provides the time information from outside the storage device in order to verify access rights. Where the time counting means cannot be accessed, the data in the storage device cannot be used in the first place, which is a large problem in terms of usability. Moreover, even when the storage device is used where the time counting means is accessible, there is a security problem in that the time information provided by the time counting means is not generally guaranteed to be accurate. To ensure that accurate time information is acquired from the time counting means, a person who receives benefits through the access limitation is required to provide accurate time counting means, and the user or the person who receives benefits is required to individually establish an encrypted communications path to the time counting means, which is a large problem in terms of cost and usability.
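The access determination attributed to Patent Document 1 above, together with the time-accuracy problem just described, as an added Python example that is not code from any of the cited documents. The field names, the integer time units, and the policy of ratcheting the stored access time forward on every accepted time value are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class LimitationInfo:
    """Assumed layout of the stored limitation information."""
    period_start: int   # access period information: first permitted time
    period_end: int     # access period information: last permitted time
    last_access: int    # access time information: latest time value accepted


class ControlCircuit:
    """Decides access from externally supplied time plus stored limits."""

    def __init__(self, limits: LimitationInfo):
        self.limits = limits

    def request(self, external_time: int) -> str:
        lim = self.limits
        # A time earlier than one already seen means the source was rolled back.
        if external_time < lim.last_access:
            return "deny:rollback"
        # Ratchet the stored access time forward (assumed update policy),
        # even when the request is about to be refused as out of period.
        lim.last_access = external_time
        if lim.period_start <= external_time <= lim.period_end:
            return "allow"
        return "deny:out-of-period"


def replay(reported_times):
    """Run a sequence of externally reported times through a fresh device."""
    device = ControlCircuit(LimitationInfo(1000, 2000, 1000))
    return [device.request(t) for t in reported_times]


# Constructed inputs. The access period is 1000..2000 in arbitrary units.
# Accurate source: time passes the end of the period, then is wound back.
ACCURATE_THEN_REWOUND = [1200, 1900, 2100, 1950]
# Inaccurate source: real time keeps passing but the reported value stalls.
STALLED = [1200, 1900, 1900, 1900]

if __name__ == "__main__":
    print(replay(ACCURATE_THEN_REWOUND))
    print(replay(STALLED))
```

The stored access time lets the device refuse a value earlier than one it has already seen, but a source whose reported time stops advancing looks the same to the device as an accurate one, so the access period is only as trustworthy as the external time source.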
Further, the technology of Patent Document 2 uses a battery, whose element life is generally shorter than that of a semiconductor recording medium. The useful life of the storage medium as a whole is therefore restricted, which is a problem in terms of use cost and reliability. Even if the battery is exchangeable, no technical description is given of how the effective time is stored before and after the battery exchange, which is a problem in terms of feasibility or usability. Moreover, a battery generally relies on a chemical reaction as its operating principle. Therefore, in a low-temperature environment, where the chemical reaction slows, the electromotive force is reduced, and conversely, in a high-temperature environment, the effective amount of electric power generated is reduced by internal discharge. As such, there is a large problem in terms of reliability as a storage medium.
With the technology of Patent Document 3, an IC section is attached to a rotating recording medium, and if the attachment is not reliable enough, the IC section may fall off during rotation. Moreover, to read from or write to the nonvolatile memory section of the IC section, the interface section of the IC section must be connected to an IC connection section, which may generate dust at the time of connection. Furthermore, when an IC section is attached to a disk-shaped recording medium rotating at high speed, any displacement between the rotation center and the center of mass causes large vibrations, and there is thus a danger that device operation is disturbed or the rotation mechanism is broken. As a countermeasure, it is necessary either to provide the medium driving device with a mechanism for compensating the rotation balance, or to provide a balance weight on the medium to compensate for the mass of the IC section and to manage the attachment positions of the IC section and the balance weight with high precision. This is considered disadvantageous because the manufacturing cost of both the information recording/reproducing device and the recording medium is increased.
What is useful is an information recording/reproducing device that has a high level of security against unauthorized access without needing to include time counting means and a power source therefor, and without needing to use any external time information provision means or any safe communications path to reach the time information provision means.